- All Exams Instant Download
Given the antivirus profile and file transfer output shown in the exhibits, why is FortiGate not blocking the eicar.comfile over FTP download?
Refer to the exhibits. Given the antivirus profile and file transfer output shown in the exhibits, why is FortiGate not blocking the eicar.comfile over FTP download?A . Because the proxy options profile needs to scan FTP traffic on a non-standard portB . Because the FortiSandbox signature database is required to...
Which statements about a One-to-One IP pool are true? (Choose two. )
Which statements about a One-to-One IP pool are true? (Choose two. )A . It is used for destination NAC . It allows the fixed mapping of an internal address range to an external address range.D . It does not use port address translation.E . ID It allows the configuration of...
What information will be included in the sniffer output?
An administrator is running the following sniffer command : diagnose sniffer packet any"host 10.0.2.10" 3 What information will be included in the sniffer output? (Choose three.)A . IP headerB . Ethernet headerC . Packet payloadD . Application headerE . Interface nameView AnswerAnswer: ABC
Why is the site www.bing.com being blocked?
Examine the exhibit, which shows the output of a web filtering real time debug. Why is the site www.bing.com being blocked?A . The web site www.bing.comis categorized by FortiGuard as Malicious Websites.B . The user has not authenticated with the FortiGate yet.C . The web server IP address 204.79.197.200is categorized...
An administrator is attempting to allow access to https://fortinet. com through a firewall policy that is configured with a webfilter and an SSL inspection profile configured for deep inspection which of the following are possible actions to eliminate the certificate error generated by deep inspection? (Choose Two)
An administrator is attempting to allow access to https://fortinet. com through a firewall policy that is configured with a webfilter and an SSL inspection profile configured for deep inspection which of the following are possible actions to eliminate the certificate error generated by deep inspection? (Choose Two)A . Implement firewall...
Given the partial output of an IKE real-time debug shown in the exhibit, which statement about the output is true?
Refer to the exhibit. Given the partial output of an IKE real-time debug shown in the exhibit, which statement about the output is true?A . The VPN is configured to use pre-shared key authentication.B . Extended authentication (XAuth) was successful.C . Remoteis the host name of the remote IPsec peer.D...
Which security profile configuration does not change when you enable policy-based inspection?
NGFW mode allows policy-based configuration for most inspection rules. Which security profile configuration does not change when you enable policy-based inspection?A . Application controlB . Web filteringC . Web proxyD . AntivirusView AnswerAnswer: D
Which statement about the firewall policy authentication timeout is true?
Which statement about the firewall policy authentication timeout is true?A . It is an idle timeout. The FortiGate considers a user to be “idle” if it does not see any packets coming from the user’s source IC . It is a hard timeout. The FortiGate removes the temporary policy for...
What does the configuration do?
An administrator has configured the following settings config system settings set ses-denied-traffic enable end config system global set block-session-timer 30 end What does the configuration do? (Choose two)A . Reduces the amount of logs generated by denied trafficB . Enforces device detection on all interfaces for 30 minutesC . Blocks...
Which configuration option is the most effective way to support this request?
A team manager has decided that, while some members of the team need access to a particular website, the majority of the team does not. Which configuration option is the most effective way to support this request?A . Implement web filter authentication for the specified website.B . Implement a web...
